Exetools


mr.exodia 04-01-2014 02:26

[C++] HostsPatch
 
Hey everyone,

Saw this new section and I have some old sources to share with you guys. This is the first: a 'hosts' patcher. It adds an entry to the hosts file.

It supports read-only hosts files, just let the user start the keygen/patch as Administrator. It works for both x32 and x64.

Usage is simple:
Code:

bool HostsPatch(
    HWND hwndDlg,       //window handle (can be 0)
    const char* website //website to block (without 'http://')
);

int main(int argc, char* argv[])
{
    HostsPatch(0, "activation.acme.com");
    return 0;
}

Feel free to use it in your keygens/patches, credit not needed, but appreciated.

Greetings,

Mr. eXoDia

WhoCares 05-09-2014 00:50

Windows 8 changes the hosts file encoding; it supports several encodings (with BOM), so it can be a non-ANSI file. But the default is ANSI.

SLV 07-27-2014 05:50

A few recommendations:

> GetWindowsDirectoryA(hosts, 256);
> PathAppendA(hosts, "system32\\drivers\\etc\\hosts");
Using a symlink \\.\globalroot\systemroot\drivers\hosts would be easier :)

> char* data=new char[size+website_len*2];
OK, new, C++, but it generates an exception if it can't allocate memory. No try/except found.

> int website_len=strlen(website);
No input buffer check.

> memset(data, 0, size+website_len*2);
By default new memory is already zero-initialized.

> if(!ReadFile(hFile, data, size, &read, 0))
if(!ReadFile(hFile, data, size, &read, 0) || read != size)

> MessageBoxA(hwndDlg, "Could not read file attributes", "Opened with admin privileges?", MB_ICONERROR|MB_SYSTEMMODAL);
Use IsUserAnAdmin for checking admin rights; GetFileAttributes doesn't require them.

> unsigned int size=GetFileSize(hFile, 0);
It's recommended to use GetFileSizeEx :)

> if(!WriteFile(hFile, data, strlen(data), &written, 0))
if(!WriteFile(hFile, data, strlen(data), &written, 0) || strlen(data) != written)

I advise you to read about the SESE coding style.
In general, such code is not recommended because hosts is malware's favorite file. It's better to use a firewall or hooks.

mr.exodia 07-28-2014 01:58

@SLV: Thanks for your suggestions, feel free to update the code and upload it here when it's fixed. I personally detest SESE pretty much always, I only use it sometimes, but what's the point of generating a 10-layer deep if statement if you could simply do some checks and return false if something went wrong?

The only disadvantage is the possibility of handle/memory leaks, usually this can be resolved by writing a small class like this:
Code:

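#include <windows.h>

// Small RAII wrapper: the wrapped handle is closed when the object goes out of scope.
// Copies share the same raw handle, so keep one Handle object per handle.
class Handle
{
public:
    Handle(HANDLE h = 0)
    {
        mHandle = h;
    }

    ~Handle()
    {
        // Close only if the handle information can be queried and the
        // handle is not protected from close.
        DWORD dwFlags = 0;
        if(GetHandleInformation(mHandle, &dwFlags) && !(dwFlags & HANDLE_FLAG_PROTECT_FROM_CLOSE))
            CloseHandle(mHandle);
    }

    // Replaces the stored handle; the previously stored one is not closed.
    const HANDLE & operator=(const HANDLE & h)
    {
        return mHandle = h;
    }

    // Lets the wrapper be passed directly to API calls such as ReadFile.
    operator HANDLE() const
    {
        return mHandle;
    }

private:
    HANDLE mHandle;
};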

Which you can then use like this:
Code:

Handle hTest=CreateFileA("main.cpp", GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, 0, 0);
//do file operations
return 0;

EDIT: Some more information and opinions about SESE: http://stackoverflow.com/questions/12745412/single-entry-single-exit-rule

SLV 07-28-2014 16:08

SESE is very useful for debugging and preventing memory/handle leaks. My lovely construction is:

Code:

VOID
RoutineName(
  PVOID Arg0
  )
{
  HANDLE hFile = INVALID_HANDLE_VALUE;
  PVOID  pMem  = NULL;

  do
  {
      if (!Arg0)
      {
        DebugRoutine(__FILE__, __LINE__, ...
        break;
      }

      hFile = ...
      pMem = ...

  } while (FALSE);

  if (hFile != INVALID_HANDLE_VALUE) {
      CloseHandle(hFile);
  }

  if (pMem) {
      ...
  }
}


mcp 07-28-2014 16:53

If you're doing C++, SESE is pretty much outdated. The better alternative is to use the RAII principle (resource acquisition is initialization), i.e. you would have a local instance of a HANDLE-class that closes the handle on destruction. You can even "abuse" std::unique_ptr for this by providing a custom deleter.
This also makes the code much more readable than the SESE style. Also, you almost never want to use raw memory (i.e. naked pointers). Simply use unique_ptr, which automatically makes you exception safe and prevents any memory leaks.
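
The unique_ptr-with-custom-deleter approach described in the post above, as an added example that is not part of the original thread. HANDLE, INVALID_HANDLE_VALUE, CloseHandle and OpenStub are constructed stand-ins for the Win32 API so the block builds on any platform; HandleCloser, UniqueHandle, CopyStep and OpenHandleCount are hypothetical names.

```cpp
#include <cstdint>
#include <memory>

// Constructed stand-ins for the Win32 API so the example builds on any platform.
// On Windows, drop this section and include <windows.h> instead.
typedef void* HANDLE;
static const HANDLE INVALID_HANDLE_VALUE = reinterpret_cast<HANDLE>(static_cast<std::intptr_t>(-1));
static int g_open = 0;                       // handles currently open
static HANDLE OpenStub(bool ok)              // plays the role of CreateFileA
{
    if (!ok) return INVALID_HANDLE_VALUE;
    ++g_open;
    return reinterpret_cast<HANDLE>(static_cast<std::intptr_t>(0x1000 + g_open));
}
static int CloseHandle(HANDLE) { --g_open; return 1; }

// Custom deleter: unique_ptr only skips the deleter for nullptr, so the
// INVALID_HANDLE_VALUE returned by a failed open must be filtered here.
struct HandleCloser
{
    typedef HANDLE pointer;                  // store the HANDLE itself, not a HANDLE*
    void operator()(HANDLE h) const
    {
        if (h != INVALID_HANDLE_VALUE)
            CloseHandle(h);
    }
};
typedef std::unique_ptr<void, HandleCloser> UniqueHandle;

// Early-return style: every exit path releases whatever was acquired so far.
bool CopyStep(bool srcOk, bool dstOk)
{
    UniqueHandle src(OpenStub(srcOk));
    if (src.get() == INVALID_HANDLE_VALUE)
        return false;                        // nothing was opened, nothing to close

    UniqueHandle dst(OpenStub(dstOk));
    if (dst.get() == INVALID_HANDLE_VALUE)
        return false;                        // src is closed automatically

    // ... file operations using src.get() and dst.get() ...
    return true;                             // both handles closed automatically
}

int OpenHandleCount() { return g_open; }     // 0 means no handle leaked
```
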

